Wsn
Products
7- 4 CVEs
- 3 CVEs
- 3 CVEs
- 3 CVEs
- 1 CVE
- 1 CVE
- 0 CVEs
Recent CVEs
12| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-60228 | Hig | 0.57 | 8.8 | 0.00 | Oct 22, 2025 | Deserialization of Untrusted Data vulnerability in designthemes Knowledge Base kbase allows Object Injection.This issue affects Knowledge Base: from n/a through <= 2.9. | ||
| CVE-2026-25402 | Med | 0.28 | 4.3 | 0.00 | Feb 19, 2026 | Missing Authorization vulnerability in echoplugins Knowledge Base for Documentation, FAQs with AI Assistance echo-knowledge-base allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Knowledge Base for Documentation, FAQs with AI Assistance:… | ||
| CVE-2011-1060 | 0.03 | — | 0.02 | Feb 23, 2011 | SQL injection vulnerability in the member function in classes/member.php in WSN Guest 1.24 allows remote attackers to execute arbitrary SQL commands via the wsnuser cookie to index.php. | |||
| CVE-2010-4006 | 0.03 | — | 0.01 | Nov 3, 2010 | Multiple SQL injection vulnerabilities in search.php in WSN Links 5.0.x before 5.0.81, 5.1.x before 5.1.51, and 6.0.x before 6.0.1 allow remote attackers to execute arbitrary SQL commands via the (1) namecondition or (2) namesearch parameter. | |||
| CVE-2010-0672 | 0.03 | — | 0.01 | Feb 22, 2010 | SQL injection vulnerability in index.php in WSN Guest 1.02 allows remote attackers to execute arbitrary SQL commands via the orderlinks parameter. | |||
| CVE-2008-6032 | 0.03 | — | 0.01 | Feb 3, 2009 | SQL injection vulnerability in comments.php in WSN Links Free 4.0.34P allows remote attackers to execute arbitrary SQL commands via the id parameter. | |||
| CVE-2008-3555 | 0.03 | — | 0.02 | Aug 8, 2008 | Directory traversal vulnerability in index.php in (1) WSN Forum 4.1.43 and earlier, (2) Gallery 4.1.30 and earlier, (3) Knowledge Base (WSNKB) 4.1.36 and earlier, (4) Links 4.1.44 and earlier, and possibly (5) Classifieds before 4.1.30 allows remote attackers to include and… | |||
| CVE-2007-3981 | 0.03 | — | 0.01 | Jul 25, 2007 | SQL injection vulnerability in index.php in WSN Links Basic Edition allows remote attackers to execute arbitrary SQL commands via the catid parameter in a displaycat action. | |||
| CVE-2006-5421 | 0.03 | — | 0.03 | Oct 20, 2006 | WSN Forum 1.3.4 and earlier allows remote attackers to execute arbitrary PHP code via a modified pathname in the pathtoconfig parameter that points to an avatar image that contains PHP code, which is then accessed from prestart.php. NOTE: this issue has been labeled remote file… | |||
| CVE-2005-3939 | 0.03 | — | 0.01 | Dec 1, 2005 | Multiple SQL injection vulnerabilities in WSN Knowledge Base 1.2.0 and earler allow remote attackers to execute arbitrary SQL commands via the (1) catid, (2) perpage, (3) ascdesc, and (4) orderlinks in a displaycat action in (a) index.php; and the (5) id parameter in (b)… | |||
| CVE-2005-3916 | 0.03 | — | 0.01 | Nov 30, 2005 | SQL injection vulnerability in memberlist.php in WSN Forum 1.21 allows remote attackers to execute arbitrary SQL commands via the id parameter in a profile action. | |||
| CVE-2011-1061 | 0.00 | — | 0.01 | Feb 23, 2011 | SQL injection vulnerability in memberlist.php in WSN Guest 1.24 allows remote attackers to execute arbitrary SQL commands via the time parameter. |
- risk 0.57cvss 8.8epss 0.00
Deserialization of Untrusted Data vulnerability in designthemes Knowledge Base kbase allows Object Injection.This issue affects Knowledge Base: from n/a through <= 2.9.
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in echoplugins Knowledge Base for Documentation, FAQs with AI Assistance echo-knowledge-base allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Knowledge Base for Documentation, FAQs with AI Assistance:…
- CVE-2011-1060Feb 23, 2011risk 0.03cvss —epss 0.02
SQL injection vulnerability in the member function in classes/member.php in WSN Guest 1.24 allows remote attackers to execute arbitrary SQL commands via the wsnuser cookie to index.php.
- CVE-2010-4006Nov 3, 2010risk 0.03cvss —epss 0.01
Multiple SQL injection vulnerabilities in search.php in WSN Links 5.0.x before 5.0.81, 5.1.x before 5.1.51, and 6.0.x before 6.0.1 allow remote attackers to execute arbitrary SQL commands via the (1) namecondition or (2) namesearch parameter.
- CVE-2010-0672Feb 22, 2010risk 0.03cvss —epss 0.01
SQL injection vulnerability in index.php in WSN Guest 1.02 allows remote attackers to execute arbitrary SQL commands via the orderlinks parameter.
- CVE-2008-6032Feb 3, 2009risk 0.03cvss —epss 0.01
SQL injection vulnerability in comments.php in WSN Links Free 4.0.34P allows remote attackers to execute arbitrary SQL commands via the id parameter.
- CVE-2008-3555Aug 8, 2008risk 0.03cvss —epss 0.02
Directory traversal vulnerability in index.php in (1) WSN Forum 4.1.43 and earlier, (2) Gallery 4.1.30 and earlier, (3) Knowledge Base (WSNKB) 4.1.36 and earlier, (4) Links 4.1.44 and earlier, and possibly (5) Classifieds before 4.1.30 allows remote attackers to include and…
- CVE-2007-3981Jul 25, 2007risk 0.03cvss —epss 0.01
SQL injection vulnerability in index.php in WSN Links Basic Edition allows remote attackers to execute arbitrary SQL commands via the catid parameter in a displaycat action.
- CVE-2006-5421Oct 20, 2006risk 0.03cvss —epss 0.03
WSN Forum 1.3.4 and earlier allows remote attackers to execute arbitrary PHP code via a modified pathname in the pathtoconfig parameter that points to an avatar image that contains PHP code, which is then accessed from prestart.php. NOTE: this issue has been labeled remote file…
- CVE-2005-3939Dec 1, 2005risk 0.03cvss —epss 0.01
Multiple SQL injection vulnerabilities in WSN Knowledge Base 1.2.0 and earler allow remote attackers to execute arbitrary SQL commands via the (1) catid, (2) perpage, (3) ascdesc, and (4) orderlinks in a displaycat action in (a) index.php; and the (5) id parameter in (b)…
- CVE-2005-3916Nov 30, 2005risk 0.03cvss —epss 0.01
SQL injection vulnerability in memberlist.php in WSN Forum 1.21 allows remote attackers to execute arbitrary SQL commands via the id parameter in a profile action.
- CVE-2011-1061Feb 23, 2011risk 0.00cvss —epss 0.01
SQL injection vulnerability in memberlist.php in WSN Guest 1.24 allows remote attackers to execute arbitrary SQL commands via the time parameter.